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>. v Client computer initiates 

Enter ) communication with Authentication Server 



Client computer locates infomation about 
Authentication Server 



70 



✓74 

^ Does ^ 
Authentication Server^^jH 
.have a "trusted" ID. 

Yes" 



76 



Display set-up error message 



Client computer selects communication channels ^78 
for communicating with the Authentication Server 



Client computer sets a message sequence number (i) stored in 
an access table equal to 1 (i =1) 



80 



Client computer sends a connection request to the Authentication 
Server including (i) a request for Secret Key (e), (ii) the identify 
of the client and (iii) an inboard communication channel 



Client computer receives doubly encrypted key (e") from the 
Authentication Server 



86 



Client computer decrypts key (e") with Authentication Server's 
public key to obtain message identifer (e 1 ) and stores (e') 
in an access table 



Client computer decrypts message identifier (e') with 
client's private key to obtain secret key (e) and stores (e) 
in the access table 



FIG. 5A 
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(Enter) 



Establish trust relationship between 
client computer and Authentication Server 



Authentication Server receives a connection request 
from a client computer 



148 




^52 



Send error message to 
client computer 



Authentication Server generates a random number 
that will be a Secret Key (e) for message encryption 



I 



154 



Authentication Server encrypts Secret Key (e) 
with client's public key to obtain message identifier (e 1 ) 

I zz 



,156 



Authentication Server creates a new access record in an 
access table storing secret key (e), message identifier (e') and a 
message sequence number (i) with a value of 1 




,158 



162 



Authentication Server encrypts message identifier (e') with 
Authentication Server's private key to obtain 
doubly encrypted key (e") 



I 



Authentication Server sends doubly encrypted key (e") to client 
computer identified in the connection request 
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FIG. 5B 



POU920030162US1 
6/12 



Client's computer sends message 

, v with message data for a software 

Q Enter j application to Authentication Server 



Client computer obtains the message data and attaches 
a message sequence number (i) and a hash code 



Client computer encrypts the message date with (e+i) 



Client computer attaches a message header (e+i) 
encrypted with (e+i) ot the message data 



Client computer attaches a message identifier (e 1 ) 
to the message header and the message data to 
complete a message 



Client computer sends the message to the 
authentication server 



168 



170 



172 



174 



Client computer increments the 
message sequence number (i) 



176 



FIG. 5C 
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(Enter) 



Client computer sends messages with 
control code to Authentication Server 



Client computer creates a message having: 

(1 ) a message data portion having an 
'end processing" control request, 

(2) a message sequence number (i) = 0, and 

(3) a hash code 



180 



Client computer sends the message to the 
Authentication Server 



182 




Z 



1,88 



Display message 
lost in transmission 
message 



Client computer creates a message having: 

(1 ) a message data portion having an 
"disconnect session" control request, 

(2) a message sequence number (i) = 0, and 

(3) a hash code 



190 







Client computer sends the message to the 
Authentication Server 






Client computer removes access record associated 
with the Authentication Server from the access table 






Client computer closes the outbound communication channel 



192 
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(ExiT) FIG. 5D 
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f Enter^) Authentication Server receives message 
V ^ J from clien t computer 



Authentication Server receives an encrypted message 
from the client computer including a message header, 
message identifier (e'), message data 



T 



190 



Authentication Server searches the access table to 
determine if the message identifer (e 1 ) is valid 




192 



1.96 



Error message is sent to 
client computer 



Authentication Server decrypts message header using 
both the secret key (e) and the 
message sequence (i) stored in the access table 



2.00 
NO 




198 



2,02 



Execute Abnormal Error 
Condition Routine 



Authentication Server increments message sequence 
number in the access table (i=i+1) 

I 



204 



^206 



Authentication Server sends the message index (i) and 
secret key (i) and the message data to the Application Server 

I 



Execute Run Application Routine 

Cm) 



-208 



FIG. 5E 
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Abnormal Error Condition Routine 



(Enter) 




.12 



Execute Error 
Flow Routine 



Authentication Server sends 
the message sequence 
number (i) and 
the message data 
to the Application Server 



Authentication Server 
removes a record having 
message identifier (e 1 ) 
from the access table 



Execute 
"Run Application" Routine 



222 



Authentication Server 
closes communication channel 
with client computer 



(j*D 



FIG. 5F 



POU920030162US1 
10/12 



Run Application Routine 
(Erttar) 224 

_T_ l_ 

Application Server receives message from Authorization Server 




Application Server decrypts the message data using 
message sequence number (i) and secret key (e) 




Process data records of 
message data using a 

predetermined 
software application 



FIG. 5G 
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Control Message Routine 



(Enter) 



-238 



Application Server clears any messages stored in RAM 



-240 



Application Server encrypts message sequence number (i) 
from the message using secret key (e) to obtain key (i 1 ) 



-242 



Application Server sends message identifier (e 1 ) and 
key (i') to requester's computer 



FIG. 5H 
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Error Flow Routine 



(bE) 

:: , -24 4 

Either the Authentication Server or the Application Server 
encrypts the message sequence number (i) of the last 
valid message received with the secret key (e) to obtain key (i') 

\ , -24 6 

Either the Authentication Server or the Application Server 
sends the message identifier (e 1 ) , key (i'), and an 
error indicator to requester's computer 



FIG. 51 



